Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
afed3cfd by Salvatore Bonaccorso at 2025-04-05T08:31:46+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-3267 (A vulnerability, which was classified as critical, was found in
qinguo ...)
- TODO: check
+ NOT-FOR-US: qinguoyi TinyWebServer
CVE-2025-3266 (A vulnerability, which was classified as critical, has been
found in q ...)
- TODO: check
+ NOT-FOR-US: qinguoyi TinyWebServer
CVE-2025-3265 (A vulnerability classified as critical was found in PHPGurukul
e-Diary ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3259 (A vulnerability, which was classified as critical, has been
found in T ...)
@@ -9,21 +9,21 @@ CVE-2025-3259 (A vulnerability, which was classified as
critical, has been found
CVE-2025-3258 (A vulnerability classified as critical was found in PHPGurukul
Old Age ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3257 (A vulnerability classified as problematic has been found in
xujiangfei ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3256 (A vulnerability was found in xujiangfei admintwo 1.0. It has
been rate ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3255 (A vulnerability was found in xujiangfei admintwo 1.0. It has
been decl ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3254 (A vulnerability was found in xujiangfei admintwo 1.0. It has
been clas ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3253 (A vulnerability was found in xujiangfei admintwo 1.0 and
classified as ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3252 (A vulnerability has been found in xujiangfei admintwo 1.0 and
classifi ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3251 (A vulnerability, which was classified as problematic, was found
in xuj ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3250 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: elunez eladmin
CVE-2025-3249 (A vulnerability classified as critical was found in TOTOLINK
A6000R 1. ...)
NOT-FOR-US: TOTOLINK
CVE-2025-3245 (A vulnerability was found in itsourcecode Library Management
System 1. ...)
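Review bot: CVE-2025-3250 is tagged "NOT-FOR-US: elunez eladmin" directly after a run of seven "xujiangfei admintwo" entries (CVE-2025-3251 through CVE-2025-3257), and the truncated description ("has been found i ...") does not show the product name in this view. Worth confirming against the full CVE description that the different product is intended and not a slip in the batch edit; if it is correct, nothing needs to change.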
@@ -35,7 +35,7 @@ CVE-2025-3243 (A vulnerability was found in code-projects
Patient Record Managem
CVE-2025-3242 (A vulnerability has been found in PHPGurukul e-Diary Management
System ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3241 (A vulnerability, which was classified as problematic, was found
in zha ...)
- TODO: check
+ NOT-FOR-US: zhangyanbo2007 youkefu
CVE-2025-3240 (A vulnerability, which was classified as critical, has been
found in P ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3239 (A vulnerability classified as critical was found in PHPGurukul
Online ...)
@@ -53,7 +53,7 @@ CVE-2025-3231 (A vulnerability was found in PHPGurukul Zoo
Management System 2.1
CVE-2025-3229 (A vulnerability was found in PHPGurukul Restaurant Table
Booking Syste ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3189 (Stored Cross-Site Scripting (XSS) in DoWISP in versions prior
to 1.16. ...)
- TODO: check
+ NOT-FOR-US: DoWISP
CVE-2025-32280 (Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP
Project M ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32278 (Cross-Site Request Forgery (CSRF) vulnerability in wprio Table
Block b ...)
@@ -89,7 +89,7 @@ CVE-2025-32263 (Cross-Site Request Forgery (CSRF)
vulnerability in BeRocket Sequ
CVE-2025-32262 (Cross-Site Request Forgery (CSRF) vulnerability in Robert D
Payne RDP ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32261 (Cross-Site Request Forgery (CSRF) vulnerability in Kuppuraj
Advanced A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32258 (Missing Authorization vulnerability in InfoGiants Simple
Website Logo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32257 (Exposure of Sensitive System Information Due to Uncleared
Debug Inform ...)
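Review bot: CVE-2025-32261 is tagged "NOT-FOR-US: WordPress plugin", while the already-triaged entries on either side of it (CVE-2025-32262, CVE-2025-32258) use "NOT-FOR-US: WordPress plugin or theme". The same shorter string is used for CVE-2025-32251, CVE-2025-32246, CVE-2025-32233, CVE-2025-32161 and CVE-2025-32120 in the following hunks. Suggest using one spelling throughout so a single grep over data/CVE/list finds every WordPress NFU entry; the truncated descriptions here do not show whether each item is a plugin or a theme, so the longer established string is the safer choice.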
@@ -105,7 +105,7 @@ CVE-2025-32253 (Missing Authorization vulnerability in
ComMotion Course Booking
CVE-2025-32252 (Missing Authorization vulnerability in blackandwhitedigital WP
Genealo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32251 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32250 (Cross-Site Request Forgery (CSRF) vulnerability in rollbar
Rollbar all ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32249 (Cross-Site Request Forgery (CSRF) vulnerability in
designinvento Direc ...)
@@ -115,7 +115,7 @@ CVE-2025-32248 (Cross-Site Request Forgery (CSRF)
vulnerability in SwiftXR Swift
CVE-2025-32247 (Cross-Site Request Forgery (CSRF) vulnerability in ABCdatos AI
Content ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32246 (Missing Authorization vulnerability in Tim Nguyen 1-Click
Backup & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32241 (Cross-Site Request Forgery (CSRF) vulnerability in
CleverReach\xae Off ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32239 (Missing Authorization vulnerability in Joao Romao Social Share
Buttons ...)
@@ -129,7 +129,7 @@ CVE-2025-32235 (Missing Authorization vulnerability in
sonaar MP3 Audio Player f
CVE-2025-32234 (Missing Authorization vulnerability in aleswebs AdMail \u2013
Multilin ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32233 (Missing Authorization vulnerability in WP Chill Revive.so
\u2013 Bulk ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32232 (Missing Authorization vulnerability in ERA404 StaffList allows
Exploit ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32231 (Missing Authorization vulnerability in Bookingor Bookingor
allows Expl ...)
@@ -229,7 +229,7 @@ CVE-2025-32163 (Improper Neutralization of Input During Web
Page Generation ('Cr
CVE-2025-32162 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32161 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32159 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32157 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
@@ -293,7 +293,7 @@ CVE-2025-32122 (Improper Neutralization of Special Elements
used in an SQL Comma
CVE-2025-32121 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32120 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32118 (Unrestricted Upload of File with Dangerous Type vulnerability
in Niteo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32113 (Cross-Site Request Forgery (CSRF) vulnerability in Renzo
Tejada Libro ...)
@@ -333,11 +333,11 @@ CVE-2025-2244 (A vulnerability in
thesendMailFromRemoteSourcemethod in Emails.ph
CVE-2025-2243 (A server-side request forgery (SSRF) vulnerability in
Bitdefender Grav ...)
NOT-FOR-US: Bitdefender
CVE-2025-29477 (An issue in fluent-bit v.3.7.2 allows a local attacker to
cause a deni ...)
- TODO: check
+ NOT-FOR-US: fluent-bit
CVE-2025-29476 (Buffer Overflow vulnerability in compress_chunk_fuzzer with
oss-fuzz o ...)
TODO: check
CVE-2025-28146 (Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3
1.0.15 was ...)
- TODO: check
+ NOT-FOR-US: Edimax
CVE-2025-27520 (BentoML is a Python library for building online serving
systems optimi ...)
TODO: check
CVE-2025-25178 (Software installed and run as a non-privileged user may
conduct improp ...)
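Review bot: CVE-2025-29477 is closed as "NOT-FOR-US: fluent-bit", which names a software project rather than a vendor the way the neighbouring tags ("Bitdefender", "Edimax") do. Suggest checking for an open ITP or RFP bug before settling on NOT-FOR-US; if one exists, an "<itp>" entry with the bug number would keep the CVE attached to the package name should it enter the archive. CVE-2025-29476 and CVE-2025-27520 in the same hunk remain at "TODO: check", which is fine if they were deliberately left for a later pass.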
@@ -482,7 +482,7 @@ CVE-2024-56528 (This vulnerability affects Snowplow
Collector 3.x before 3.3.0 (
CVE-2024-47217 (An issue was discovered in Iglu Server 0.13.0 and below. It is
similar ...)
NOT-FOR-US: Iglu Server
CVE-2024-47215 (An issue was discovered in Snowbridge setups sending data to
Google Ta ...)
- TODO: check
+ NOT-FOR-US: Snowbridge
CVE-2024-47214 (An issue was discovered in Iglu Server 0.13.0 and below. It is
similar ...)
NOT-FOR-US: Iglu Server
CVE-2024-47213 (An issue was discovered affecting Enrich 5.1.0 and below. It
involves ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afed3cfd915a82156b32eab9b04c212139d701aa